From: DeMarco, A. <DEM...@sy...> - 2002-09-16 16:59:34
So I should use this:

my $base = "cn=demarcao,cn=SUNY";
?

When I do I get an LDAP Error 32, where can I get a list of what the errors
mean?

Thanks for the help..

- Alex

-----Original Message-----
From: pau...@cp... [mailto:pau...@cp...]
Sent: Monday, September 16, 2002 11:56 AM
To: LDAP Mailing List
Cc: DeMarco, Alex
Subject: RE: [Fwd] checkauth problem


When binding to Exchange, you don't use the Exchange DN. Instead use a DN
based on the userid and the domain of the form cn=<userid>,cn=<domain>,
e.g.

cn=Administrator,cn=TESTDOM

The password is the domain password.

>-- Original Message --
>From: Graham Barr <gb...@po...>
>To: LDAP Mailing List <per...@li...>
>Cc: "DeMarco, Alex" <DEM...@sy...>
>Subject: [Fwd] checkauth problem
>Date: Mon, 16 Sep 2002 13:23:43 +0100
>
>
>----- Forwarded message from "DeMarco, Alex" <DEM...@sy...> -----
>
>Date: Mon, 16 Sep 2002 08:21:47 -0400
>To: "'gb...@po...'" <gb...@po...>
>From: "DeMarco, Alex" <DEM...@sy...>
>Subject: checkauth problem
>
>Hello, I'm using the script below but cannot get it to work right.
>It appears to run fine but I keep getting bad userid or password.
>
>I'm trying to authenticate against an Exchange 5.5 server that is running
>ldap.
>I've tried my plain userid and domain\userid without any luck. Am I missing
>something? Any hints would be appreciated.
>
>thanks!
>
>- Alex
>
>
>
>#!/usr/local/bin/perl
>#
># Contributed by Mark Wilcox <mew...@un...>
>
>use Net::LDAP;
>#checkauth.pl
>#get id and password from command line
>#return if authenticated or not
>my $id = shift;
>my $password = shift;
>
>print "id is $id\n";
>die ("usage checkauth.pl uid password.") unless (($id) && ($password));
>
>my $host = "141.254.1.24";
>my $base = "o=SUNY";
>my $ldap = new Net::LDAP($host);
>
>$ldap->bind();
>
>my @attrs = ["uid"];
>
>my $mesg = $ldap->search(
>        base => $base,
>        filter => "uid=$id",
>        attrs => @attrs
>        );
>
>print "LDAP error is ",$mesg->code(),"\n" if $mesg->code();
>
>
>#if we don't trap a bad id, authentication will give false positive
>#because LDAP server will revert to anonymous authentication
>die ("bad id\n") unless $mesg->count();
>
>die("more than 1 entry matches uid\n") if $mesg->count > 1;
>#get a complete dn from search return
>my $entry = $mesg->entry(0); # CAUTION: assumes only one value returned
>my $dn = $entry->dn;
>
>#now rebind and then do search again
>$mesg = $ldap->bind($dn, password=>$password);
>
>
>die ("bad id or password \n") if $mesg->code() ;
>print "$id OK\n";
>$ldap->unbind();
>
>print "done\n";
>
>----- End forwarded message -----

----------------------------------------------------------------------------
J. Paul Connolly
Consulting Architect
Critical Path
42-47, Lower Mount St.,
Dublin 2,
Ireland
+353-87-238-1327 (Mobile)
+353-1-241-5152 (Direct)
+353-1-241-5170 (Fax)
pau...@cp...
www.cp.net

Critical Path
A global leader in Internet communications
----------------------------------------------------------------------------

From: DeMarco, A. <DEM...@sy...> - 2002-09-16 17:51:09
I'm slowly catching on.

Since I will know the userid and the password and the domain for the person
I am looking for, there is no sense in searching. Just try to bind as that
user.. RIGHT?

So if:

Userid = USERJO
password = welcome
Domain = MYTEST

then,

use Net::LDAP;
$ldap->bind();
$mesg = $ldap->bind("cn=USERJO,cn=MYTEST","welcome");

Should work?? I Get an Error 48 with the above...

- Alex

-----Original Message-----
From: pau...@cp... [mailto:pau...@cp...]
Sent: Monday, September 16, 2002 1:13 PM
To: DeMarco, Alex; LDAP Mailing List
Subject: RE: [Fwd] checkauth problem


Error 32 is no such object. (Assuming Exchange 5.5 as your ldap server)
You don't need to search for the DN of the entry you want to bind as. Just
bind directly with cn=samAccountName,cn=Domain.

>When I do I get an LDAP Error 32, where can I get a list of what the errors
>mean?

For LDAPv3, see RFC 2251

From: Chris R. <chr...@ma...> - 2002-09-17 08:16:54
On 16/9/02 6:50 pm, DeMarco, Alex <DEM...@sy...> wrote:

> I'm slowly catching on.
>
> Since I will know the userid and the password and the domain for the person
> I am looking for, there is no sense in searching. Just try to bind as that
> user.. RIGHT?
>
> So if:
>
> Userid = USERJO
> password = welcome
> Domain = MYTEST
>
> then,
>
> use Net::LDAP;
> $ldap->bind();
> $mesg = $ldap->bind("cn=USERJO,cn=MYTEST","welcome");
>
> Should work?? I Get an Error 48 with the above...
>
> - Alex

Looks like my advice was pretty bogus, sorry!

As this sort of question does come up rather frequently (no criticism
intended!) we should maybe write an FAQ ("How do I bind to my xyz server")
on it.

Cheers,

Chris

From: Graham B. <gb...@po...> - 2002-09-17 13:52:58
On Tue, Sep 17, 2002 at 09:16:49AM +0100, Chris Ridd wrote:
> As this sort of question does come up rather frequently (no criticism
> intended!) we should maybe write an FAQ ("How do I bind to my xyz server")
> on it.

Well we do have an FAQ at http://search.cpan.org/perldoc?Net::LDAP::FAQ

If there is anything needed to be added please post to the list.

Graham.

From: Clif H. <cl...@di...> - 2002-09-17 14:15:00
>
> On Tue, Sep 17, 2002 at 09:16:49AM +0100, Chris Ridd wrote:
> > As this sort of question does come up rather frequently (no criticism
> > intended!) we should maybe write an FAQ ("How do I bind to my xyz server")
> > on it.
>
> Well we do have an FAQ at http://search.cpan.org/perldoc?Net::LDAP::FAQ
>
> If there is anything needed to be added please post to the list.
>
> Graham.
>

There are several bind examples but most of them show:

$mesg = $ldap->bind( $dn, password => $passwd );

I am probably going to add additional text of something like

$mesg = $ldap->bind( dn       => "uid=clif,ou=people,dc=my,dc=com",
                     password => "wxyz" );

Regards,

Clif

From: DeMarco, A. <DEM...@sy...> - 2002-09-16 18:50:05
A little more work and I get this message :
  - inappropriateAuthentication: the server requires the client
    which had attempted to bind anonymously or without supplying
    credentials to provide some form of credentials,

doing this: my $mesg = $ldap->bind("cn=demarcao,cn=suny","password");
what am I missing?

- Alex

-----Original Message-----
From: pau...@cp... [mailto:pau...@cp...]
Sent: Monday, September 16, 2002 1:13 PM
To: DeMarco, Alex; LDAP Mailing List
Subject: RE: [Fwd] checkauth problem


Error 32 is no such object. (Assuming Exchange 5.5 as your ldap server)
You don't need to search for the DN of the entry you want to bind as. Just
bind directly with cn=samAccountName,cn=Domain.

>When I do I get an LDAP Error 32, where can I get a list of what the errors
>mean?

For LDAPv3, see RFC 2251

From: <pau...@cp...> - 2002-09-17 08:02:42
Try:

my $mesg = $ldap->bind("cn=demarcao,cn=suny", password => "password");

See perldoc Net::LDAP for full details.

>-- Original Message --
>From: "DeMarco, Alex" <DEM...@sy...>
>Subject: RE: [Fwd] checkauth problem
>To: "'pau...@cp...'" <pau...@cp...>,
>	LDAP Mailing List <per...@li...>
>Date: Mon, 16 Sep 2002 14:49:59 -0400
>
>
>A little more work and I get this message :
>  - inappropriateAuthentication: the server requires the client
>    which had attempted to bind anonymously or without supplying
>    credentials to provide some form of credentials,
>
>doing this: my $mesg = $ldap->bind("cn=demarcao,cn=suny","password");
>what am I missing?
>
>- Alex

From: DeMarco, A. <DEM...@sy...> - 2002-09-17 11:42:13
I got it working! Yahoo....

Thanks to all

- Alex

-----Original Message-----
From: pau...@cp... [mailto:pau...@cp...]
Sent: Tuesday, September 17, 2002 4:03 AM
To: DeMarco, Alex; LDAP Mailing List
Subject: RE: [Fwd] checkauth problem


Try:

my $mesg = $ldap->bind("cn=demarcao,cn=suny", password => "password");

See perldoc Net::LDAP for full details.

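The direct bind that resolved this thread, written out as a complete check. This is an added example, not code from any of the posts or from the Net::LDAP distribution; the function names check_auth and exchange_bind_dn, the host/userid/domain command-line arguments and reading the password from standard input are assumptions made for illustration, and it needs a reachable LDAP server to run.

```perl
#!/usr/bin/perl
# Added example: direct-bind password check in the style of checkauth.pl.
use strict;
use warnings;
use Net::LDAP;
use Net::LDAP::Util qw(escape_dn_value ldap_error_name);
use Net::LDAP::Constant qw(LDAP_SUCCESS LDAP_INVALID_CREDENTIALS);

# Build the cn=<userid>,cn=<domain> bind DN described in the thread.
# escape_dn_value() keeps characters such as "," or "=" in the userid
# from changing the structure of the DN.
sub exchange_bind_dn {
    my ($userid, $domain) = @_;
    return sprintf 'cn=%s,cn=%s',
        escape_dn_value($userid), escape_dn_value($domain);
}

# Returns (1, 'ok') only when the server accepted a simple bind that
# actually carried a password; otherwise (0, reason).
sub check_auth {
    my ($ldap, $userid, $domain, $password) = @_;

    return (0, 'empty userid or domain')
        unless defined $userid && length $userid
            && defined $domain && length $domain;

    # A bind with a DN but an empty password is an unauthenticated bind;
    # a server that permits it reports success without checking anything,
    # so refuse it here instead of trusting the result code.
    return (0, 'empty password')
        unless defined $password && length $password;

    # The password must be passed by name. The two-argument form
    # bind($dn, $pw) from the thread does not send it as a credential.
    my $mesg = $ldap->bind(exchange_bind_dn($userid, $domain),
                           password => $password);

    return (1, 'ok') if $mesg->code == LDAP_SUCCESS;
    return (0, 'bad userid or password')
        if $mesg->code == LDAP_INVALID_CREDENTIALS;

    # Anything else (e.g. LDAP_INAPPROPRIATE_AUTH, code 48) is reported
    # by name so a client-side mistake is not mistaken for a bad password.
    return (0, ldap_error_name($mesg->code));
}

unless (caller) {
    my ($host, $userid, $domain) = @ARGV;
    die "usage: $0 host userid domain  (password is read from stdin)\n"
        unless defined $domain;

    # Reading the password from stdin keeps it out of the process list.
    chomp(my $password = <STDIN> // '');

    my $ldap = Net::LDAP->new($host)
        or die "connect to $host failed: $@\n";
    my ($ok, $why) = check_auth($ldap, $userid, $domain, $password);
    $ldap->unbind;

    print "$userid ", ($ok ? "OK" : "FAILED ($why)"), "\n";
    exit($ok ? 0 : 1);
}

1;
```

An LDAP simple bind sends the password unprotected, so where the server supports it call `$ldap->start_tls(verify => 'require')` before `check_auth`.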
From: <pau...@cp...> - 2002-09-16 17:12:45
Error 32 is no such object. (Assuming Exchange 5.5 as your ldap server)
You don't need to search for the DN of the entry you want to bind as. Just
bind directly with cn=samAccountName,cn=Domain.

>When I do I get an LDAP Error 32, where can I get a list of what the errors
>mean?

For LDAPv3, see RFC 2251

>-- Original Message --
>From: "DeMarco, Alex" <DEM...@sy...>
>Subject: RE: [Fwd] checkauth problem
>To: "'pau...@cp...'" <pau...@cp...>,
>	LDAP Mailing List <per...@li...>
>Date: Mon, 16 Sep 2002 12:59:28 -0400
>
>
>So I should use this:
>
>my $base = "cn=demarcao,cn=SUNY";
>?
>
>When I do I get an LDAP Error 32, where can I get a list of what the errors
>mean?
>
>Thanks for the help..
>
>- Alex

From: Graham B. <gb...@po...> - 2002-09-16 17:26:22
On Mon, Sep 16, 2002 at 12:59:28PM -0400, DeMarco, Alex wrote:
> So I should use this:
>
> my $base = "cn=demarcao,cn=SUNY";
> ?
>
> When I do I get an LDAP Error 32, where can I get a list of what the errors
> mean?

$ perl -MNet::LDAP::Util=ldap_error_text -le 'print ldap_error_text(32)'
The server cannot find an object specified in the request

$ perl -MNet::LDAP::Util=ldap_error_desc -le 'print ldap_error_desc(32)'
No such object

The second can be got via $mesg->error where $mesg is returned from the method

Graham.

>
> Thanks for the help..
>
> - Alex
